Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Chapter 1 (as PDF)
Document related concepts
Gröbner basis wikipedia , lookup
Ring (mathematics) wikipedia , lookup
Congruence lattice problem wikipedia , lookup
System of polynomial equations wikipedia , lookup
Modular representation theory wikipedia , lookup
Birkhoff's representation theorem wikipedia , lookup
Group (mathematics) wikipedia , lookup
Field (mathematics) wikipedia , lookup
Homomorphism wikipedia , lookup
Cayley–Hamilton theorem wikipedia , lookup
Polynomial greatest common divisor wikipedia , lookup
Factorization wikipedia , lookup
Eisenstein's criterion wikipedia , lookup
Commutative ring wikipedia , lookup
Fundamental theorem of algebra wikipedia , lookup
Factorization of polynomials over finite fields wikipedia , lookup
Transcript
Chapter 1
Introduction
Finite fields is a branch of mathematics which has come to the fore in the last 50 years due to
its numerous applications, from combinatorics to coding theory. In this course, we will study the
properties of finite fields, and gain experience in working with them.
In the first two chapters, we explore the theory of fields in general. Throughout, we emphasize
results particularly important to finite fields, but allow fields to be arbitrary unless otherwise stated.
1
Group theory: a brief summary
We begin by recalling the definition of a group.
Definition 1.1
A group is a set G, together with a binary operation ∗, such that the following axioms hold:
Closure: G is closed under the operation ∗: x, y ∈ G =⇒ x ∗ y ∈ G;
Associativity: (x ∗ y) ∗ z = x ∗ (y ∗ z) for all x, y, z ∈ G;
Identity: there exists an element e ∈ G (called the identity of G) such that x ∗ e = e ∗ x = x for
all x ∈ G;
Inverses: for every element x ∈ G there exists an element x−1 ∈ G (called the inverse of x) such
that x ∗ x−1 = x−1 ∗ x = e.
Note: We often write · instead of ∗ or leave it out completely.
Definition 1.2
A group G is said to be abelian if the binary operation ∗ is commutative, i.e. if x ∗ y = y ∗ x for all
x, y ∈ G. The operation ∗ is often replaced by + for abelian groups, i.e. x ∗ y is written x + y
We then say that the group is “written additively” (as opposed to being “written multiplicatively”).
Example 1.3
The following are examples of groups:
• The set Z of integers with the operation of addition (this is abelian);
• the set GLn (R) of invertible (n × n)-matrices with real entries, with the operation of matrix
multiplication, forms a group (for n > 1 this is not abelian).
• Let G be the set of remainders of all the integers on division by n, e.g. G = {0, 1, . . . , n − 1}.
Let a ∗ b be the operation of taking the integer sum a + b and reducing it modulo n. Then
(G, ∗) is a group (this is abelian).
3
CHAPTER 1. INTRODUCTION
4
Definition 1.4
A multiplicative group G is said to be cyclic if there is an element a ∈ G such that for any b ∈ G
there is some integer j with b = aj . Such an element is called a generator of the cyclic group, and
we write G = hai.
Note we may have more than one generator, e.g. either 1 or −1 can be used to generate the additive
group Z.
Definition 1.5
For a set S, a subset R of S × S is called an equivalence relation on S if it satisfies:
• (s, s) ∈ R for all s ∈ S (reflexive)
• If (s, t) ∈ R then (t, s) ∈ R (symmetric)
• If (s, t), (t, u) ∈ R then (s, u) ∈ R (transitive).
An equivalence relation R on S induces a partition of S. If we collect all elements of S equivalent to a fixed s ∈ S, we obtain the equivalence class of s, denoted by
[s] = {t ∈ S : (s, t) ∈ R}.
The collection of all equivalence classes forms a partition of S, and [s] = [t] ⇔ (s, t) ∈ R.
Definition 1.6
For arbitrary integers a,b and positive integer n, we say that a is congruent to b modulo n if the
difference a − b is a multiple of n, i.e. a = b + kn for some integer k. We write a ≡ b mod n for
this.
It is easily checked that “congruence modulo n” is an equivalence relation on the set Z of
integers. Consider the equivalence classes into which the relation partitions Z. These are the sets:
[a] = {m ∈ Z : m ≡ a mod n}
= {m ∈ Z : m = a + kn for some k ∈ Z}.
E.g. for n = 4 we have:
[0] = {. . . , −8, −4, 0, 4, 8, . . .};
[1] = {. . . , −7, −3, 1, 5, 9, . . .};
[2] = {. . . , −6, −2, 2, 6, 10, . . .};
[3] = {. . . , −5, −1, 3, 7, 11, . . .}.
We may define on the set {[0], [1], . . . , [n−1]} a binary operation, which we shall write as + (though
it is not ordinary addition) by
[a] + [b] := [a + b]
where a and b are any elements of the sets [a] and [b] respectively, and a + b is the ordinary sum of
a and b. Can show (exercise) that this is well-defined, i.e. does not depend on choice of representatives.
Theorem 1.7
Let n ∈ N. The set {[0], [1], . . . , [n − 1]} of equivalence classes modulo n forms a group under the
operation + given by [a] + [b] := [a + b]. It is called the group of integers modulo n and is denoted
Zn . It is cyclic with [1] as a generator.
Proof.
See Exercise Sheet 1.
1. GROUP THEORY: A BRIEF SUMMARY
5
Definition 1.8
A group is called finite (respectively, infinite) if it contains finitely (respectively, infinitely) many
elements. The number of elements of a finite group G is called its order, written |G|.
Definition 1.9
A subset H of the group G is a subgroup of G if H is itself a group with respect to the operation of
G, this is written H ≤ G. The (cyclic) subgroup consisting of all powers of some element a ∈ G is
denoted hai and called the subgroup generated by a. If | hai | is finite, it is called the order of a, it is
the smallest natural number i such that ai = e.
Next, we generalize the notion of congruence, as follows.
Theorem 1.10
If H is a subgroup of G, then the relation RH on G defined by (a, b) ∈ RH if and only if a = bh
for some h ∈ H (additively, a = b + h for some h ∈ H ) is an equivalence relation. The relation is
called left congruence modulo H .
The equivalence classes are called the left cosets of H in G; each has size |H|. Right congruence
and right cosets are defined analogously.
Note that when (G, ∗) = (Z, +) and H = hni, we get back our previous definition of congruence, since a ≡ b mod n ⇔ a = b + h for some h ∈ hni.
Definition 1.11
The index of H in G (denoted by [G : H]) is the number of left cosets of H in G, and is equal to
the number of right cosets of H in G.
Theorem 1.12
The order of a finite group G is equal to the product of the order of any subgroup H and the index
of H in G. In particular, the order of H divides the order of G and the order of any element a ∈ G
divides the order of G.
Proof.
Exercise
We can easily describe subgroups and orders for cyclic groups. In what follows, φ is Euler’s
function; i.e. φ(n) := the number of integers k with 1 ≤ k ≤ n which are relatively prime to n. If
the integer n has the prime factorization pk11 pk22 . . . pkr r , then
φ(n) = n(1 −
1
1
1
)(1 − ) · · · (1 − ).
p1
p2
pr
So, for example, φ(7) = 6 and φ(30) = 2 · 3 · 5 · 12 · 32 · 54 = 8. See Example Sheet for more details.
Theorem 1.13
(i) Every subgroup S of a cyclic group G = hai is cyclic.
(ii) In a finite cyclic group hai of order m, the element ak generates a subgroup of order
m
gcd(k,m) .
(iii) For any positive divisor d of m, hai contains precisely one subgroup of order d and precisely
one subgroup of index d.
(iv) Let f be a positive divisor of m. Then hai contains φ(f ) elements of order f .
(v) A finite cyclic group hai of order m contains φ(m) generators, namely the powers ar with
gcd(r, m) = 1.
CHAPTER 1. INTRODUCTION
6
Proof.
(i) If S = {e}, then S is cyclic with generator
ke. Otherwise,
let
k be the least positive integer
k
k
for which a ∈ S. We will show: S = a . Clearly a ⊆ S. Now, take an arbitrary
s ∈ S, then s = an for some n ∈ Z. By the division algorithm for integers, there exist
q, r ∈ Z with 0 ≤ r < k such that n = qk + r. Then an = aqk+r = (ak )q · ar , implying
ar ∈ S. If r > 0,
this contradicts the minimality of k, so we must have r = 0 and hence
s = an = (ak )q ∈ ak .
(ii) Set d := gcd(k, m). The order of ak is the least positive integer n such that akn = e. This
identity holds if and only if m divides kn, i.e. if and only if m
d divides n. The least positive n
.
with this property is n = m
d
(iii) Exercise: see Exercise Sheet 1.
(iv) Let | hai | = m and m = df . By (ii), the element ak is of order f if and only if gcd(k, m) = d.
So the number of elements of order f is equal to the number of integers k with 1 ≤ k ≤ m
and gcd(k, m) = d. Equivalently, writing k = dh with 1 ≤ h ≤ f , the condition becomes
gcd(h, f ) = 1. There are precisely φ(f ) such h.
(v) The first part follows from (iv), since the generators of hai are precisely the elements of order
m. The second part follows from (ii).
Definition 1.14
• A subgroup H of G is normal ⇔ its left and right cosets coincide.
We write H ⊳ G in that case.
• For a normal subgroup H, the set of (left) cosets of H in G forms a group, denoted G/H.
The operation is
(aH)(bH) := (ab)H.
Definition 1.15
A mapping f : G → H of the group G into the group H is called a homomorphism of G into H
if f preserves the operation of G, i.e. (gk)f = (gf ) · (kf ) for all g, k ∈ G. If f is a bijective
homomorphism it is called an isomorphism and we say G and H are isomorphic and write G ∼
= H.
An isomorphism of G onto itself is called an automorphism of G.
Definition 1.16
The kernel of the homomorphism f : G → H of the group G into the group H is the set (actually,
normal subgroup)
ker(f ) := {a ∈ G : af = eH }.
The image of f is the set (actually, subgroup)
im(f ) := {af : a ∈ G}.
Theorem 1.17
[First Isomorphism Theorem] Let f : G → H be a homomorphism of groups. Then kerf is a
normal subgroup of G and
G/kerf ∼
= imf by the isomorphism g ker (f ) 7→ gf.
Proof. Omitted.
Example 1.18
Take G := Z, H := Zn and f : a 7→ [a]. Then f is a homomorphism with ker(f ) = hni and
im(f ) = Zn , and so the First Isomorphism Theorem says that Z/ hni and Zn are isomorphic as
groups.
2. RINGS AND FIELDS
2
7
Rings and fields
Definition 2.1
A ring (R, +, ∗) is a set R, together with two binary operations, denoted by + and ∗, such that
• R is an abelian group with respect to +;
• R is closed under ∗;
• ∗ is associative, that is (a ∗ b) ∗ c = a ∗ (b ∗ c) for all a, b, c ∈ R;
• the distributive laws hold, that is, for all a, b, c ∈ R we have a ∗ (b + c) = (a ∗ b) + (a ∗ c)
and (b + c) ∗ a = (b ∗ a) + (c ∗ a).
Typically, we use 0 to denote the identity element of the abelian group R with respect to addition,
and −a to denote the additive inverse of a ∈ R.
Definition 2.2
• A ring is called a ring with identity if the ring has a multiplicative identity (usually denoted e
or 1).
• A ring is called commutative if ∗ is commutative.
• A ring is called an integral domain if it is a commutative ring with identity e 6= 0 in which
ab = 0 implies a = 0 or b = 0 (i.e. no zero divisors).
• A ring is called a division ring (or skew field) if the non-zero elements form a group under ∗.
• A commutative division ring is called a field.
Example 2.3
• the integers (Z, +, ∗) form an integral domain but not a field;
• the rationals (Q, +, ∗), reals (R, +, ∗) and complex numbers (C, +, ∗) form fields;
• the set of 2 × 2 matrices with real entries forms a non-commutative ring with identity w.r.t.
matrix addition and multiplication.
• the group Zn with addition as before and multiplication defined by [a][b] := [ab] is a commutative ring with identity [1].
So, in summary: a field is a set F on which two binary operations, called addition and multiplication, are defined, and which contains two distinguished elements e and 0 with 0 6= e. Moreover,
F is an abelian group with respect to addition, having 0 as the identity element, and the non-zero
elements of F (often written F ∗ ) form an abelian group with respect to multiplication having e as
the identity element. The two operations are linked by the distributive laws.
Theorem 2.4
Every finite integral domain is a field.
Proof. Let R be a finite integral domain, and let its elements be r1 , r2 , . . . , rn . Consider a fixed
non-zero element r ∈ R. Then the products rr1 , rr2 , . . . , rrn must be distinct, since rri = rrj
implies r(ri − rj ) = 0, and since r 6= 0 we must have ri − rj = 0, i.e. ri = rj . Thus, these
products are precisely the n elements of R. Each element of R is of the form rri ; in particular, the
identity e = rri for some 1 ≤ i ≤ n. Since R is commutative, we also have ri r = e, and so ri is
the multiplicative inverse of r. Thus the non-zero elements of R form a commutative group, and R
is a field.
CHAPTER 1. INTRODUCTION
8
Definition 2.5
• A subset S of a ring R is called a subring of R if S is closed under + and ∗ and forms a ring
under these operations.
• A subset J of a ring R is called an ideal if J is a subring of R and for all a ∈ J and r ∈ R
we have ar ∈ J and ra ∈ J.
• Let R be a commutative ring with an identity. Then the smallest ideal containing an element
a ∈ R is (a) := {ra : r ∈ R}. We call (a) the principal ideal generated by a.
Definition 2.6
An integral domain in which every ideal is principal is called a principal ideal domain (PID).
Example 2.7
Z is a PID.
An ideal J of R defines a partition of R into disjoint cosets (with respect to +), residue classes
modulo J. These form a ring w.r.t. the following operations:
(a + J) + (b + J) = (a + b) + J,
(a + J)(b + J) = ab + J.
This ring is called the residue class ring and is denoted R/J.
Example 2.8
The residue class ring Z/(n)
Here, (n) is the principal ideal generated by the integer n (same set nZ as the subgroup hni but now
with two operations). As in the group case, we denote the residue class of a modulo n by [a], as well
as by a + (n). The elements of Z/(n) are [0] = 0 + (n), [1] = 1 + (n), . . . , [n − 1] = n − 1 + (n).
Theorem 2.9
Z/(p), the ring of residue classes of the integers modulo the principal ideal generated by a prime p,
is a field.
Proof.
By Theorem 2.4, it is enough to show that Z/(p) is an integral domain. Now, [a][b] =
[ab] = [0] if and only if ab = kp for some k ∈ Z. Since p is prime, p divides ab if and only if p
divides one of the factors. So, either [a] = [0] or [b] = [0], so Z/(p) contains no zero divisors. These are our first examples of finite fields!
Example 2.10
Here are the addition and multiplication tables for the field Z/(3):
+
0 + (3)
1 + (3)
2 + (3)
0 + (3)
0 + (3)
1 + (3)
2 + (3)
1 + (3)
1 + (3)
2 + (3)
0 + (3)
2 + (3)
2 + (3)
,
0 + (3)
1 + (3)
∗
0 + (3)
1 + (3)
2 + (3)
0 + (3)
0 + (3)
0 + (3)
0 + (3)
1 + (3)
0 + (3)
1 + (3)
2 + (3)
2 + (3)
0 + (3)
.
2 + (3)
1 + (3)
Remark 2.11
As you will prove in Exercise Sheet 1, the above result does not hold if p is replaced by a composite
n.
Definition 2.12
A mapping φ : R → S (R,S rings) is called a ring homomorphism if for any a, b ∈ R we have
φ(a + b) = φ(a) + φ(b) and φ(ab) = φ(a)φ(b).
2. RINGS AND FIELDS
9
A ring homomorphism preserves both + and ∗ and induces a homomorphism of the additive group
of R into that of S. Concepts such as kernel and image are defined analogously to the groups case.
We have a ring version of the First Isomorphism Theorem:
Theorem 2.13 (First Isomorphism Theorem for Rings)
If φ is a ring homomorphism from a ring R onto a ring S then the factor ring R/kerφ and the ring
S are isomorphic by the map
r + kerφ 7→ φ(r).
We can use mappings to transfer a structure from an algebraic system to a set without structure.
Given a ring R, a set S and a bijective map φ : R → S, we can use φ to define a ring structure on S
that converts φ into an isomorphism. Specifically, for s1 = φ(r1 ) and s2 = φ(r2 ), define
s1 + s2 to be φ(r1 + r2 ), and s1 s2 to be φ(r1 )φ(r2 ).
This is called the ring structure induced by φ; any extra properties of R are inherited by S.
This idea allows us to obtain a more convenient representation for the finite fields Z/(p).
Definition 2.14
For a prime p, let Fp be the set {0, 1, . . . , p − 1} of integers, and let φ : Z/(p) → Fp be the mapping
defined by φ([a]) = a for a = 0, 1, . . . , p − 1. Then Fp endowed with the field structure induced by
φ is a finite field, called the Galois field of order p.
From above, the mapping φ becomes an isomorphism, so φ([a] + [b]) = φ([a]) + φ([b]) and
φ([a][b]) = φ([a])φ([b]). The finite field Fp has zero element 0, identity element 1 and its structure
is that of Z/(p). So, computing with elements of Fp now means ordinary arithmetic of integers with
reduction modulo p.
Example 2.15
• F2 : the elements of this field are 0 and 1. The operation tables are:
+ 0 1
0 0 1 ,
1 1 0
∗ 0 1
0 0 0
1 0 1
• We have Z/(5), isomorphic to F5 = {0, 1, 2, 3, 4}, where the isomorphism is given by [0] 7→
0, . . . , [4] 7→ 4. The operation tables are:
+
0
1
2
3
4
0
0
1
2
3
4
1
1
2
3
4
0
2
2
3
4
0
1
3
3
4
0
1
2
4
4
0
,
1
2
3
∗
0
1
2
3
4
0
0
0
0
0
0
1
0
1
2
3
4
2
0
2
4
1
3
3
0
3
1
4
2
4
0
4
3
2
1
Definition 2.16
If R is an arbitrary ring and there exists a positive integer n such that nr = 0 for every r ∈ R
(i.e. r added to itself n times is the zero element) then the least such positive integer n is called the
characteristic of R, and R is said to have positive characteristic. If no such positive integer n exists,
R is said to have characteristic 0.
Example 2.17
• F2 and F5 have characteristic 2 and 5 respectively.
CHAPTER 1. INTRODUCTION
10
• Q and R have characteristic 0.
Theorem 2.18
A ring R 6= {0} of positive characteristic with an identity and no zero divisors must have prime
characteristic.
Proof. Since R contains non-zero elements, R has characteristic n ≥ 2. If n were not prime, we
could write n = km with k, m ∈ Z, 1 < k, m < n. Then 0 = ne = (km)e = (ke)(me), so either
ke = 0 or me = 0, since R has no zero divisors. Hence either kr = (ke)r = 0 for all r ∈ R or
mr = (me)r = 0 for all r ∈ R, contradicting the definition of n as the characteristic.
Corollary 2.19
A finite field has prime characteristic.
Proof. From Theorem 2.18, we need only show that a finite field F has a positive characteristic.
Consider the multiples e, 2e, 3e, . . . of the identity. Since F contains only finitely many elements,
there must exist integers k and m with 1 ≤ k < m such that ke = me, i.e. (k − m)e = 0, and thus
(k − m)f = (k − m)ef = 0f = 0 for all f ∈ F so F has a positive characteristic.
Example 2.20
The field Z/(p) (equivalently, Fp ) has characteristic p.
Theorem 2.21 (Freshmen’s Exponentiation)
Let R be a commutative ring of prime characteristic p. then
n
n
n
n
n
(a + b)p = ap + bp and (a − b)p = ap − bp
n
for a, b ∈ R and n ∈ N.
Proof.
It can be shown (see Exercise Sheet 1) that
p
p(p − 1) · · · (p − i + 1)
≡ 0 mod p
=
1 · 2···i
i
for all i ∈ Z with 0 < i < p. By the Binomial Theorem,
p p−1
p
p
p
(a + b) = a +
a b + ··· +
abp−1 + bp = ap + bp
1
p−1
and induction on n establishes the first identity. The second identity follows since
n
n
n
n
ap = ((a − b) + b)p = (a − b)p + bp .
3
Polynomials
Let R be an arbitrary ring. A polynomial over R is an expression of the form
f=
n
X
ai xi = a0 + a1 x + · · · + an xn ,
i=0
where n is a non-negative integer, the coefficients ai (0 ≤ i ≤ n) are elements of R, and x is a
symbol not belonging to R, called an indeterminate over R.
3. POLYNOMIALS
11
DefinitionP
3.1
n
i
n
Let f =
i=0 ai x = a0 + a1 x + · · · + an x be a polynomial over R which is not the zero
polynomial, so we can suppose an 6= 0. Then n is called the degree of f . By convention, deg(0) =
−∞. Polynomials of degree 0 are called constant polynomials. If the leading coefficient of f is 1
(the identity of R) then f is called a monic polynomial.
Pn
Pn
i
i
Given two polynomials f and g, we can write f =
i=0 ai x and g =
i=0 bi x (taking
coefficients zero if necessary to ensure the same n). We define their sum to be
f +g =
n
X
(ai + bi )xi
i=0
and their product to be
fg =
2n
X
k=0
ck xk , where ck =
X
ai bj .
i+j=k,0≤i≤n,0≤j≤n
Note that the degree of the product of two non-zero polynomials f and g is equal to the sum of the
degrees of f and g.
Theorem 3.2
With the above operations, the set of polynomials over R forms a ring. It is called the polynomial
ring over R and denoted by R[x]. Its zero element is the zero polynomial, all of whose coefficients
are zero.
Proof.
Exercise.
Let F denote a (not necessarily finite) field. From now on, we consider polynomials over fields.
We say that the polynomial g ∈ F [x] divides f ∈ F [x] if there exists a polynomial h ∈ F [x]
such that f = gh.
Theorem 3.3 (Division Algorithm)
Let g 6= 0 be a polynomial in F [x]. Then for any f ∈ F [x], there exist polynomials q, r ∈ F [x]
such that
f = qg + r, where deg(r) < deg(g).
Using the division algorithm, we can show that every ideal of F [x] is principal:
Theorem 3.4
F [x] is a principal ideal domain. In fact, for every ideal J 6= (0) of F [x] there is a uniquely
determined monic polynomial g ∈ F [x] such that J = (g).
Proof.
Let I be an ideal in F [x]. If I = {0}, then I = (0). If I 6= {0}, choose a non-zero
polynomial k ∈ I of smallest degree. Let b be the leading coefficient of k, and set m = b−1 k. Then
m ∈ I and m is monic. We will show: I = (m). Clearly, (m) ⊆ I. Now take f ∈ I; by the division
algorithm there are polynomials q, r with f = qm + r where either r = 0 or deg(r) < deg(m).
Now, r = f − qm ∈ I. If r 6= 0, we contradict the minimality of m; so we must have r = 0, i.e. f
is a multiple of m and I = (m).
We now show uniqueness: if m1 ∈ F [x] is another monic polynomial with I = (m1 ), then
m = c1 m1 and m1 = c2 m with c1 , c2 ∈ F [x]. Then m = c1 c2 m, i.e. c1 c2 = 1, and so c1 , c2 are
constant polynomials. Since both m and m1 are monic, we must have m = m1 .
We next introduce an important type of polynomial.
CHAPTER 1. INTRODUCTION
12
Definition 3.5
A polynomial p ∈ F [x] is said to be irreducible over F if p has positive degree and p = bc with
b, c ∈ F [x] implies that either b or c is a constant polynomial. A polynomial which does allow a
non-trivial factorization over F is called reducible over F .
Note that the field F under consideration is all-important here, e.g. the polynomial x2 + 1 is irreducible in R[x] but reducible in C[x], where it factors as (x + i)(x − i).
Theorem 3.6 (Unique Factorization)
Any polynomial f ∈ F [x] of positive degree can be written in the form
f = ape11 . . . pekk
where a ∈ F , p1 , . . . , pk are distinct monic irreducibles in F [x] and e1 , . . . , ek are positive integers.
This factorization is unique up to the order in which the factors occur; it is called the canonical
factorization of f in F [x].
Proof.
Omitted.
Example 3.7
Find all irreducible polynomials over F2 of degree 3.
First, note that a non-zero polynomial in F2 [x] must be monic. The degree 3 polynomials are of
the form x3 + ax2 + bx + c, where each coefficient is 0 or 1, i.e. there are 23 = 8 of them. Such
a polynomial is reducible over F2 precisely if it has a divisor of degree 1. Compute all products
(x + a0 )(x2 + b1 x + b0 ) to obtain all reducible degree 3 polynomials over F2 . There are 6 of these,
leaving 2 irreducibles: x3 + x + 1 and x3 + x2 + 1.
Theorem 3.8
For f ∈ F [x], the residue class ring F [x]/(f ) is a field if and only if f is irreducible over F .
Proof. Details omitted. For those who know some ring theory this is immediate since, for a PID
S , S/(c) is a field if and only if c is a prime element of S . Here, the prime elements of the PID R[x]
are precisely the irreducible polynomials.
We will be very interested in the structure of the residue class ring F [x]/(f ), for arbitrary nonzero polynomial f ∈ F [x]. To summarize,
• F [x]/(f ) consists of residue classes g + (f ) (also denoted [g]) with g ∈ F [x].
• Two residue classes g +(f ) and h+(f ) are identical if and only if g ≡ h mod f , i.e. precisely
if g − h is divisible by f . This is equivalent to: g and h have the same remainder on division
by f .
• Each residue class g + (f ) contains a unique representative r ∈ F [x] with deg(r) < deg(f ),
namely the remainder when g is divided by f . The process of moving from g to r is called
reduction mod f . (Exercise: uniqueness?)
• Hence the distinct residue classes comprising F [x]/(f ) are precisely the residue classes r +
(f ), where r runs through all polynomials in F [x] with deg(r) < deg(f ).
• In particular, if F = Fp and deg(f ) = n, then the number of elements of Fp /(f ) is equal to
the number of polynomials in Fp /(f ) of degree < n, namely pn .
Example 3.9
• Let f = x ∈ F2 [x]. The field F2 [x]/(x) has 21 = 2 elements, namely 0 + (x) and 1 + (x).
This field is isomorphic to F2 .
3. POLYNOMIALS
13
• Let f = x2 + x + 1 ∈ F2 [x]. Then F2 [x]/(f ) is a finite field of 22 = 4 elements: {0 +
(f ), 1 + (f ), x + (f ), x + 1 + (f )}. Its behaviour under addition and multiplication is shown
below (remember our field has characteristic 2). When performing field operations note that,
since we replace each occurrence of f by 0, the polynomial representative for each residue
class has degree less than 2.
0 + (f )
1 + (f )
x + (f )
x + 1 + (f )
+
0 + (f )
0 + (f )
1 + (f )
x + (f )
x + 1 + (f )
1 + (f )
0 + (f )
x + 1 + (f )
0 + (f ) ,
1 + (f )
x + (f )
x + (f )
x + 1 + (f )
0 + (f )
1 + (f )
x + (f )
1 + (f )
0 + (f )
x + 1 + (f ) x + 1 + (f )
∗
0 + (f )
1 + (f )
x + (f )
x + 1 + (f )
0 + (f )
1 + (f )
x + (f )
x + 1 + (f )
0 + (f )
0 + (f )
0 + (f )
0 + (f )
0 + (f )
1 + (f )
x + (f )
x + 1 + (f ) .
0 + (f )
x + (f )
x + 1 + (f )
1 + (f )
0 + (f ) x + 1 + (f )
1 + (f )
x + (f )
Note that, in the multiplication table,
(x + (f ))(x + (f )) = x2 + (f ) = f − x − 1 + (f ) = x + 1 + (f ),
(x + (f ))(x + 1 + (f )) = x2 + x + (f ) = f − 1 + (f ) = 1 + (f ),
(x + 1 + (f ))(x + 1 + (f )) = x2 + 1 + (f ) = f − x + (f ) = x + (f ).
Comparing these tables to those of Z4 we see that the field F2 [x]/(f ) is not isomorphic to Z4 ,
which is not a field since in Z4 we have 2 · 2 = 0.
What is the multiplicative order of x+(f ) in F2 [x]/(f )? The multiplicative group of this field
has order 22 −1 = 3, so the order must be 1 or 3. Clearly x+(f ) 6= 1+(f ), so the order must
be 3. Check: (x + (f ))3 = (x + (f ))(x2 + (f )) = x(x + 1) + (f ) = x2 + x + (f ) = 1 + (f ).
• Let f = x2 + 2 ∈ F3 [x]. We find that F3 [x]/(f ) is a ring of 9 elements which is not even an
integral domain, let alone a field. Its elements are {0 + (f ), 1 + (f ), 2 + (f ), x + (f ), x +
1 + (f ), x + 2 + (f ), 2x + (f ), 2x + 1 + (f ), 2x + 2 + (f )}. To see that it is not an integral
domain, note that (x + 1 + (f ))(x − 1 + (f )) = x2 − 1 + (f ) = x2 + 2 + (f ) = 0 + (f ),
but neither x + 1 + (f ) nor x − 1 + (f ) are zero.
Definition 3.10
An element a ∈ F is called a root (or zero) of the polynomial f ∈ F [x] if f (a) = 0.
Example 3.11
(i) The elements 2, 3 ∈ Q are roots of x2 − 5x + 6 ∈ Q[x].
(ii) The polynomial x2 + 1 ∈ Q[x] has no roots in Q, but two roots ±i ∈ C.
Definition 3.12
If f = a0 + a1 x + a2 x2 + · · · + an xn ∈ F [x], then the derivative f ′ of f is defined by f ′ =
a1 + 2a2 x + · · · + nan xn−1 ∈ F [x].
This obeys the familiar rules:
(f + g)′ = f ′ + g′
and
(f g)′ = f g′ + f ′ g.
CHAPTER 1. INTRODUCTION
14
Theorem 3.13
An element a ∈ F is a root of the polynomial f ∈ F [x] if and only if x − a divides f .
Proof.
Using the Division Algorithm, we can write
f = q · (x − a) + c
with q ∈ F [x] and c ∈ F . Substituting x = a, we get f (a) = c, hence f = q · (x − a) + f (a). The
theorem follows from this identity.
Definition 3.14
Let a ∈ F be a root of f ∈ F [x]. If k is a positive integer such that f is divisible by (x − a)k but
not (x − a)k+1 , then k is called the multiplicity of a. If k ≥ 2 then a is called a multiple root of f .
Theorem 3.15
An element a ∈ F is a multiple root of f ∈ F [x] if and only if it is a root of both f and its derivative
f ′.
Proof.
Exercise
Example 3.16
Consider the polynomial f = x3 − 7x2 + 16x − 12 ∈ Q[x]. It factors as (x − 2)2 (x − 3), so its roots
are 2 (with multiplicity 2) and 3 (with multiplicity 1). Here, f ′ = 3x2 − 14x + 16 which factors as
(x − 2)(3x − 8), so we can verify that 2 is also a root of f ′ .
The following observation is very important.
Theorem 3.17
If F is a field and f ∈ F [x] has degree n, then F contains at most n roots of f .
Proof. Outline: Suppose F contains n + 1 distinct roots a1 , . . . , an+1 of f . By Theorem 3.13,
we can show that this implies f = (x − a1 )(x − a2 ) · · · (x − an+1 )g for some polynomial g,
contradicting deg(f ) = n.
